1. CVE-2026-3055: Citrix NetScaler ADC/Gateway SAML IdP Memory Overread (CitrixBleed 3) Exposes Session Tokens
A critical new vulnerability, CVE-2026-3055, is being actively probed in the wild, targeting Citrix NetScaler ADC and Gateway appliances configured as SAML Identity Providers. With a CVSS score of 9.3, this unauthenticated memory overread flaw—dubbed 'CitrixBleed 3'—allows attackers to directly leak sensitive session t...